Today companies continually search for ways to improve efficiency, and Internet e-mail has helped to achieve this goal. One of the problems not foreseen in connecting the office to the Internet is the millions of Web sites that exist. Making it simple for workers to connect to the Internet allows users to waste time, money, and bandwidth, only to return with virus-laden files as souvenirs of their efforts. This report examines corporate need for effective Internet controls, and strong access policies.

Topics Covered

? Web Surfing Costs

? Unauthorized Access, Attacks, and Virus Contamination

? Network Security

? Creating a Network Use Policy

Web Surfing Costs

Costs are contained if employees use the Internet at work as intended. A “wired” workplace finds its productivity hampered as often as augmented due to employees having Internet access. The Internet is vast; the temptation to Web surf pursuing personal interests at work is hard to resist.

United States Department of Labor estimates printed in The Standard.com (2000), are wasted time cost corporations three million dollars a year per each 1000 employees. The article continues: “Where are employees wasting most of their time these days? It is not the water cooler”. Companies that want to improve efficiency are looking to rein in Web surfing workers.” In a Christmas 1999 article about electronic greeting cards, ZDNN (1999) reported: “There is rising corporate fervor against opening unnecessary files amid concerns about excessive personal usage among employees.”

Unauthorized Access, Attacks, and Viruses

Web sites proliferate as a means of corporate promotion, customer service, and commerce. Unauthorized Internet access in the form of Web site intrusions, breaches and viruses can lead to lost time, money, information, or worse.

Internet Hackers work to crack passwords, breaking into corporate networks believed secure. Thestandard.com (1999) reported Microsoft fell prey to a hacker attack on its network in October that year. The company says someone transferred its passwords to an e-mail account in Russia, where hackers posed as Microsoft employees.

Banning corporate Internet use to avoid problems is impractical. Too many companies are unaware of the dangers and need a more responsible strategy.

Network security should include:

? Protection against Information Loss

? Productivity Monitoring

? Maximizing Network Speed

Network speed is a function of connection, hardware, and software. Any effective Information Systems Department can achieve this easily. Virus protection and access protection software can prevent data loss or theft. Network-tracking tools exist for unobtrusive use monitoring.

Creating a Network Use Policy

Use polices must advise all employees their Internet access is being monitored. The policy must delineate what types of access the company deems acceptable.

Outline those practices unacceptable: personal interest surfing during business hours; visits to sexually explicit, racist, or terrorism promoting sites at any time. Policies should explain why limits protect time, information, and guarantee a pleasant work environment for everyone. It is important to specify penalties applied for any policy breaches.

Infoworld business technology architect Brooks Talley (1999) advised: “Communicate clearly the change in policy”. Be sure to enumerate the reasons for change, but also be sure to make it clear that if someone has a real need for service, you are committed to providing it.”

Conclusion and Recommendation

Internet connection when used for business purposes does give business a huge edge over companies that are not connected. Disconnecting from the Internet would not allow “instant communication” needed in today’s business environment. The best course of action at this time is to develop a clear network use policy, and implement network use monitoring. Review news, Internet, and professional journal articles, evaluating use trends and monitoring technologies. Information System Department representatives can attend technology symposiums to evaluate newly released technology,